From 44155c3e0e97257b300aa612584fc29f920886fd Mon Sep 17 00:00:00 2001 
From: Kevin Velarde Date: Fri, 17 Oct 2025 01:39:58 -0600 Subject: [PATCH 1/2] Initial Galaxy release --- README.md | 105 +++++++----------- example_inventories/aio_asa_ha.yml | 32 ++++++ example_inventories/aio_single_node.yaml | 27 ++--- ...buted_service_excution_single_cluster.yaml | 49 ++++++++ .../ha_distributed_execution.yaml | 52 +++++++++ example_inventories/multiple_cluster.yaml | 83 ++++++++++++++ galaxy.yml | 21 ++-- roles/gateway/defaults/main.yml | 4 +- .../gateway_client/defaults/main/install.yml | 18 +++ .../defaults/{pki.yml => main/log.yml} | 5 +- .../defaults/{main.yml => main/pki.yml} | 28 ----- .../gateway_client/defaults/main/secrets.yml | 9 ++ roles/gateway_client/defaults/main/server.yml | 11 ++ .../gateway_client/defaults/main/terminal.yml | 8 ++ .../tasks/install_gateway_client.yml | 2 +- roles/gateway_client/tasks/main.yml | 5 + roles/gateway_client/tasks/upload_certs.yml | 6 +- roles/gateway_client/tasks/validate-vars.yml | 44 ++++++++ .../defaults/main/application.yml | 8 -- .../gateway_server/defaults/main/connect.yml | 4 + roles/gateway_server/defaults/main/store.yml | 7 +- .../gateway_server/tasks/install_gateway.yml | 14 +-- roles/gateway_server/tasks/install_tofu.yml | 2 +- roles/gateway_server/tasks/main.yml | 4 +- roles/gateway_server/tasks/upload_certs.yml | 10 +- roles/gateway_server/tasks/validate-vars.yml | 27 ++++- roles/gateway_server/templates/runner.conf.j2 | 6 +- roles/gateway_server/templates/server.conf.j2 | 6 +- 28 files changed, 434 insertions(+), 163 deletions(-) create mode 100644 roles/gateway_client/defaults/main/install.yml rename roles/gateway_client/defaults/{pki.yml => main/log.yml} (66%) rename roles/gateway_client/defaults/{main.yml => main/pki.yml} (55%) create mode 100644 roles/gateway_client/defaults/main/secrets.yml create mode 100644 roles/gateway_client/defaults/main/server.yml create mode 100644 roles/gateway_client/defaults/main/terminal.yml create mode 100644 
roles/gateway_client/tasks/validate-vars.yml delete mode 100644 roles/gateway_server/defaults/main/application.yml diff --git a/README.md b/README.md index 57f7544..a460562 100644 --- a/README.md +++ b/README.md @@ -476,31 +476,21 @@ all: vars: ansible_user: - # Nexus + # Itential Nexus repository repository_username: repository_password: - children: - gateway_all: - children: - iag5_servers: - iag5_clients: - vars: - gateway_pki_src_dir: - - gateway_servers: - children: - iag5_servers: - vars: - gateway_server_packages: - - - gateway_server_secrets_encrypt_key: + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + children: iag5_servers: hosts: : ansible_host: vars: + gateway_server_packages: + - gateway_server_connect_hosts: :8080 iag5_clients: @@ -508,9 +498,9 @@ all: : ansible_host: vars: - gateway_client_host: gateway_client_packages: - + gateway_client_host: ``` ### All-in-one Active/Standby High Availability Inventory @@ -524,42 +514,33 @@ all: repository_username: repository_password: - children: - gateway_all: - children: - iag5_servers: - iag5_clients: - vars: - gateway_pki_src_dir: + gateway_secrets_encrypt_key: + gateway_pki_src_dir: - gateway_servers: - children: - iag5_servers: + children: + iag5_servers: + hosts: + : + ansible_host: + : + ansible_host: vars: gateway_server_packages: - - gateway_server_secrets_encrypt_key: # Etcd gateway_server_store_backend: etcd gateway_server_store_etcd_hosts: :2379 :2379 :2379 gateway_server_connect_hosts: :8080 - iag5_servers: - hosts: - : - ansible_host: - : - ansible_host: - iag5_clients: hosts: : ansible_host: vars: - gateway_client_host: gateway_client_packages: - + gateway_client_host: ``` ### Distributed Service Execution with Single Cluster Inventory 
@@ -573,13 +554,10 @@ all: repository_username: repository_password: - children: - gateway_all: - children: - iag5_servers: - iag5_runners: - iag5_clients: + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + children: gateway_servers: children: iag5_servers: @@ -587,7 +565,6 @@ all: vars: gateway_packages: - - gateway_secrets_encrypt_key: # DynamoDB gateway_store_backend: dynamodb @@ -618,9 +595,9 @@ all: : ansible_host: vars: - gateway_client_host: gateway_client_packages: - + gateway_client_host: ``` ### High Availability with Distributed Execution Inventory @@ -634,21 +611,19 @@ all: repository_username: repository_password: - children: - gateway_all: - children: - iag5_servers: - iag5_clients: - vars: - gateway_pki_src_dir: + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + children: gateway_servers: children: iag5_servers: + iag5_runners: vars: gateway_server_packages: - - gateway_server_secrets_encrypt_key: + + # Etcd gateway_server_store_backend: etcd gateway_server_store_etcd_hosts: :2379 :2379 :2379 gateway_server_connect_hosts: :8080 @@ -662,7 +637,7 @@ all: vars: gateway_server_distributed_execution: true -iag5_runners: + iag5_runners: hosts: : ansible_host: @@ -676,14 +651,15 @@ iag5_runners: : ansible_host: vars: - gateway_client_host: gateway_client_packages: - + gateway_client_host: ``` ### Multiple Cluster Architecture Inventories Cluster 1: +Note - `gateway_server_cluster_id` is set to `cluster_1` in the `iag5_servers` vars section. ```yaml all: @@ -694,13 +670,10 @@ all: repository_username: repository_password: - children: - gateway_all: - children: - iag5_servers: - iag5_runners: - iag5_clients: + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + children: gateway_servers: children: iag5_servers: 
@@ -738,12 +711,13 @@ all: : ansible_host: vars: - gateway_client_host: gateway_client_packages: - + gateway_client_host: ``` Cluster 2: +Note - `gateway_server_cluster_id` is set to `cluster_2` in the `iag5_servers` vars section. ```yaml all: @@ -754,13 +728,10 @@ all: repository_username: repository_password: - children: - gateway_all: - children: - iag5_servers: - iag5_runners: - iag5_clients: + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + children: gateway_servers: children: iag5_servers: diff --git a/example_inventories/aio_asa_ha.yml b/example_inventories/aio_asa_ha.yml index e69de29..03adb4d 100644 --- a/example_inventories/aio_asa_ha.yml +++ b/example_inventories/aio_asa_ha.yml @@ -0,0 +1,32 @@ +all: + vars: + ansible_user: rocky + + # Nexus + repository_username: + repository_password: + + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + + children: + iag5_servers: + hosts: + active-server: + ansible_host: + standby-server: + ansible_host: + vars: + gateway_packages: + - + gateway_server_store_backend: etcd + gateway_server_store_etcd_hosts: :2379 :2379 :2379 + + iag5_clients: + hosts: + client: + ansible_host: + gateway_client_host: + vars: + gateway_client_packages: + - diff --git a/example_inventories/aio_single_node.yaml b/example_inventories/aio_single_node.yaml index b05b1aa..078066e 100644 --- a/example_inventories/aio_single_node.yaml +++ b/example_inventories/aio_single_node.yaml 
@@ -2,33 +2,28 @@ all: vars: ansible_user: rocky - # Uncomment and configure the following two variables if you want the playbook to download the - # iactl artifacts from the Itential repository (Nexus). - # Otherwise, the iactl artifacts will need to be downloaded from the Itential repository - # manually and placed in the playbooks/files directory. - # repository_username: - # repository_password: + # Nexus + repository_username: + repository_password: - # The encrpyt key can be generated using the command: - # 'openssl rand -hex 32' gateway_secrets_encrypt_key: - tls_pki_local_dir: - gateway_pki_src_dir: "{{ tls_pki_local_dir }}" + gateway_pki_src_dir: children: iag5_servers: hosts: - : - ansible_host: + server: + ansible_host: vars: - gateway_server_packages: + gateway_server_connect_hosts: :8080 + gateway_packages: - iag5_clients: hosts: - : - ansible_host: + client: + ansible_host: + gateway_client_host: vars: gateway_client_packages: - - gateway_client_host: diff --git a/example_inventories/distributed_service_excution_single_cluster.yaml b/example_inventories/distributed_service_excution_single_cluster.yaml index e69de29..16be111 100644 --- a/example_inventories/distributed_service_excution_single_cluster.yaml +++ b/example_inventories/distributed_service_excution_single_cluster.yaml 
@@ -0,0 +1,49 @@ +all: + vars: + ansible_user: rocky + + # Nexus + repository_username: + repository_password: + + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + + children: + iag5_servers: + hosts: + server: + ansible_host: + + iag5_runners: + hosts: + runner1: + ansible_host: + runner2: + ansible_host: + runner3: + ansible_host: + vars: + gateway_server_connect_hosts: :8080 + gateway_server_distributed_execution: true + + servers_runners: + hosts: + server: + runner1: + runner2: + runner3: + vars: + gateway_packages: + - + gateway_server_store_backend: etcd + gateway_server_store_etcd_hosts: :2379 :2379 :2379 + + iag5_clients: + hosts: + client: + ansible_host: + gateway_client_host: + vars: + gateway_client_packages: + - diff --git a/example_inventories/ha_distributed_execution.yaml b/example_inventories/ha_distributed_execution.yaml index e69de29..b9d829b 100644 --- a/example_inventories/ha_distributed_execution.yaml +++ b/example_inventories/ha_distributed_execution.yaml @@ -0,0 +1,52 @@ +all: + vars: + ansible_user: rocky + + # Nexus + repository_username: + repository_password: + + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + + children: + iag5_servers: + hosts: + active-server: + ansible_host: + standby-server: + ansible_host: + + iag5_runners: + hosts: + runner1: + ansible_host: + runner2: + ansible_host: + runner3: + ansible_host: + vars: + gateway_server_connect_hosts: :8080 + gateway_server_distributed_execution: true + + servers_runners: + hosts: + active-server: + standby-server: + runner1: + runner2: + runner3: + vars: + gateway_packages: + - + gateway_server_store_backend: etcd + gateway_server_store_etcd_hosts: :2379 :2379 :2379 + + iag5_clients: + hosts: + client: + ansible_host: + gateway_client_host: + vars: + gateway_client_packages: + - diff --git a/example_inventories/multiple_cluster.yaml b/example_inventories/multiple_cluster.yaml index e69de29..e7f417c 100644 --- a/example_inventories/multiple_cluster.yaml 
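Review bot: The new file is named `distributed_service_excution_single_cluster.yaml`, misspelling "execution", while its sibling is `ha_distributed_execution.yaml`; since this is the 1.0.0 release and README sections are titled "Distributed Service Execution …", rename it to `distributed_service_execution_single_cluster.yaml` now, before anyone links to the misspelled path. The diffstat for the second commit shows the file touched again under the same misspelled name, so the rename does not appear to be covered there.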
+++ b/example_inventories/multiple_cluster.yaml @@ -0,0 +1,83 @@ +all: + vars: + ansible_user: rocky + + # Nexus + repository_username: + repository_password: + + gateway_secrets_encrypt_key: + gateway_pki_src_dir: + + children: + iag5_servers: + hosts: + cluster1_server: + ansible_host: + cluster2_server: + ansible_host: + + iag5_runners: + hosts: + cluster1_runner1: + ansible_host: + cluster1_runner2: + ansible_host: + cluster1_runner3: + ansible_host: + cluster2_runner1: + ansible_host: + cluster2_runner2: + ansible_host: + cluster2_runner3: + ansible_host: + vars: + gateway_server_connect_hosts: :8080 + gateway_server_distributed_execution: true + + servers_runners: + hosts: + cluster1_server: + cluster1_runner1: + cluster1_runner2: + cluster1_runner3: + cluster2_server: + cluster2_runner1: + cluster2_runner2: + cluster2_runner3: + vars: + gateway_packages: + - + gateway_server_store_backend: etcd + + cluster1: + hosts: + cluster1_server: + cluster1_runner1: + cluster1_runner2: + cluster1_runner3: + vars: + cluster_id: cluster_1 + gateway_server_store_etcd_hosts: :2379 :2379 :2379 + + cluster2: + hosts: + cluster2_server: + cluster2_runner1: + cluster2_runner2: + cluster2_runner3: + vars: + cluster_id: cluster_2 + gateway_server_store_etcd_hosts: :2379 :2379 :2379 + + iag5_clients: + hosts: + cluster1_client: + ansible_host: + gateway_client_host: + cluster2_client: + ansible_host: + gateway_client_host: + vars: + gateway_client_packages: + - diff --git a/galaxy.yml b/galaxy.yml index 7c96070..20d3055 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -8,7 +8,7 @@ namespace: itential name: iag5 # The version of the collection. Must be compatible with semantic versioning -version: 0.0.1 +version: 1.0.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md 
@@ -42,7 +42,8 @@ tags: # collection label 'namespace.name'. The value is a version range # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version # range specifiers can be set and are separated by ',' -# dependencies: +dependencies: + 'ansible.posix': '>=0.0.1' # The URL of the originating SCM repository repository: https://github.com/itential/itential.iag5 @@ -61,17 +62,23 @@ issues: https://github.com/itential/itential.iag5/issues # uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry', # and '.git' are always filtered. Mutually exclusive with 'manifest' build_ignore: + - .ansible + - .ansible-lint + - .github - .gitignore - - .gitlab-ci.yml - ansible.cfg - - '*.log' - '*.bin' - - '*.whl' - - '*.tgz' + - '*.cert' - '*.gz' + - '*.keep' + - '*.log' - '*.pem' - - '*.cert' + - '*.tgz' + - '*.whl' + - inventories + - inventory - scripts + - test # A dict controlling use of manifest directives used in building the collection artifact. The key 'directives' is a # list of MANIFEST.in style diff --git a/roles/gateway/defaults/main.yml b/roles/gateway/defaults/main.yml index d3ebb0d..fcdca0d 100644 --- a/roles/gateway/defaults/main.yml +++ b/roles/gateway/defaults/main.yml @@ -15,8 +15,10 @@ repository_password: # noqa var-naming[no-role-prefix] gateway_pki_upload: true gateway_pki_key_suffix: .key gateway_pki_cert_suffix: .crt -gateway_pki_src_dir: # The local pki directory must be defined in the inventory +# The gateway_pki_src_dir must be defined in the inventory if gateway_pki_upload is set to 'true' +gateway_pki_src_dir: # Secrets encrypt key +# The gateway_secrets_encrypt_key must be defined in the inventory. gateway_secrets_encrypt_key: gateway_secrets_encrypt_key_file: "{{ gateway_secrets_encrypt_key_dir }}/encryption-key" 
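Review bot: The `build_ignore` list in this hunk excludes `*.pem` and `*.cert` but not `*.key` or `*.crt`, which are exactly the suffixes the collection's own defaults use for PKI material (`gateway_pki_key_suffix: .key`, `gateway_pki_cert_suffix: .crt` in roles/gateway/defaults/main.yml in this same commit), so a private key left in the working tree would be packaged into the Galaxy artifact; add `- '*.crt'` and `- '*.key'` alongside the existing patterns. The new `'ansible.posix': '>=0.0.1'` constraint pins nothing in practice; set the lower bound to the version this release was actually tested against and consider an upper bound so a future major of that collection is not pulled in silently.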
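Review bot: The comment added above `gateway_secrets_encrypt_key` says it must be defined in the inventory but not what form it takes or how to protect it, while the validation added to both roles in this commit rejects anything that is not a 64-character hex string and the `openssl rand -hex 32` hint was removed from example_inventories/aio_single_node.yaml. Suggest `# 64 hex characters, e.g. from 'openssl rand -hex 32'; keep it ansible-vault encrypted rather than in plain-text inventory.` The same vault caveat applies to `repository_password`, the context line this hunk starts on.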
diff --git a/roles/gateway_client/defaults/main/install.yml b/roles/gateway_client/defaults/main/install.yml new file mode 100644 index 0000000..476084a --- /dev/null +++ b/roles/gateway_client/defaults/main/install.yml @@ -0,0 +1,18 @@ +# Copyright (c) 2025, Itential, Inc +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +################################## +# Gateway client install variables +################################## + +# The list of gateway client packages to install. Currently this is a single tarball. +# Must be defined in the inventory. +gateway_client_packages: + +# Gateway client user/group +gateway_client_user: itential +gateway_client_group: itential + +# Gateway client install and working and directories +gateway_client_install_dir: "/home/{{ gateway_client_user }}/.local/bin" +gateway_client_working_dir: "/home/{{ gateway_client_user }}/.gateway.d" diff --git a/roles/gateway_client/defaults/pki.yml b/roles/gateway_client/defaults/main/log.yml similarity index 66% rename from roles/gateway_client/defaults/pki.yml rename to roles/gateway_client/defaults/main/log.yml index c77b31e..a0231ca 100644 --- a/roles/gateway_client/defaults/pki.yml +++ b/roles/gateway_client/defaults/main/log.yml @@ -2,7 +2,8 @@ # GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) --- ############################## -# Gateway client TLS variables +# Gateway client log variables ############################## -# TODO - Remove? +# Gateway client logging variables +gateway_client_log_level: INFO diff --git a/roles/gateway_client/defaults/main.yml b/roles/gateway_client/defaults/main/pki.yml similarity index 55% rename from roles/gateway_client/defaults/main.yml rename to roles/gateway_client/defaults/main/pki.yml index 99fe3a3..c131b3c 100644 --- a/roles/gateway_client/defaults/main.yml +++ b/roles/gateway_client/defaults/main/pki.yml 
@@ -1,34 +1,6 @@ # Copyright (c) 2025, Itential, Inc # GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) --- -########################## -# Gateway client variables -########################## - -# The list of gateway client packages to install. Currently this is a single tarball. -# Must be defined in the inventory. -gateway_client_packages: - -# Gateway client user/group -gateway_client_user: itential -gateway_client_group: itential - -# Gateway client install and working and directories -gateway_client_install_dir: "/home/{{ gateway_client_user }}/.local/bin" -gateway_client_working_dir: "/home/{{ gateway_client_user }}/.gateway.d" - -# Gateway client connection variables (which server to connect to) -gateway_client_host: -gateway_client_port: 50051 - -# Gateway client logging variables -gateway_client_log_level: INFO - -gateway_client_terminal_timestamp_timezone: utc - -# Gateway clients secrets encrypt key directory -gateway_secrets_encrypt_key_dir: "{{ gateway_client_working_dir }}/keys" # noqa var-naming[no-role-prefix] - ############################## # Gateway client TLS variables ############################## diff --git a/roles/gateway_client/defaults/main/secrets.yml b/roles/gateway_client/defaults/main/secrets.yml new file mode 100644 index 0000000..062abfb --- /dev/null +++ b/roles/gateway_client/defaults/main/secrets.yml @@ -0,0 +1,9 @@ +# Copyright (c) 2025, Itential, Inc +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +################################## +# Gateway client secrets variables +################################## + +# Gateway clients secrets encrypt key directory +gateway_secrets_encrypt_key_dir: "{{ gateway_client_working_dir }}/keys" # noqa var-naming[no-role-prefix] diff --git a/roles/gateway_client/defaults/main/server.yml b/roles/gateway_client/defaults/main/server.yml new file mode 100644 index 0000000..e029e8b --- /dev/null 
+++ b/roles/gateway_client/defaults/main/server.yml @@ -0,0 +1,11 @@ +# Copyright (c) 2025, Itential, Inc +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +################################## +# Gateway client server variables +################################## + +# Gateway client server variables +# Note: these variables define which server to connect to +gateway_client_host: +gateway_client_port: 50051 diff --git a/roles/gateway_client/defaults/main/terminal.yml b/roles/gateway_client/defaults/main/terminal.yml new file mode 100644 index 0000000..315c19f --- /dev/null +++ b/roles/gateway_client/defaults/main/terminal.yml @@ -0,0 +1,8 @@ +# Copyright (c) 2025, Itential, Inc +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +################################### +# Gateway client terminal variables +################################### + +gateway_client_terminal_timestamp_timezone: utc diff --git a/roles/gateway_client/tasks/install_gateway_client.yml b/roles/gateway_client/tasks/install_gateway_client.yml index 9cc7719..b57f978 100644 --- a/roles/gateway_client/tasks/install_gateway_client.yml +++ b/roles/gateway_client/tasks/install_gateway_client.yml @@ -34,7 +34,7 @@ ansible.builtin.get_url: url: "{{ item }}" dest: "{{ gateway_client_download_dir.path }}/" - mode: '0755' + mode: "0755" # Sets the appropriate header based on the repository type: # - For JFrog: Uses the "X-JFrog-Art-Api" header with the API key if "repository_api_key" # is defined and "jfrog" is part of the download URL. diff --git a/roles/gateway_client/tasks/main.yml b/roles/gateway_client/tasks/main.yml index 158a877..92e099b 100644 --- a/roles/gateway_client/tasks/main.yml +++ b/roles/gateway_client/tasks/main.yml 
@@ -1,6 +1,11 @@ # Copyright (c) 2025, Itential, Inc # GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) --- +- name: Validate vars + ansible.builtin.include_tasks: + file: validate-vars.yml + tags: always + - name: Install Gateway client tags: - install diff --git a/roles/gateway_client/tasks/upload_certs.yml b/roles/gateway_client/tasks/upload_certs.yml index 384d7db..419af00 100644 --- a/roles/gateway_client/tasks/upload_certs.yml +++ b/roles/gateway_client/tasks/upload_certs.yml @@ -18,7 +18,7 @@ dest: "{{ gateway_client_pki_ca_cert_dest }}" owner: "{{ gateway_client_user }}" group: "{{ gateway_client_user }}" - mode: '0444' + mode: "0444" when: - gateway_client_pki_ca_cert_src is defined - gateway_client_pki_ca_cert_src is not none @@ -29,7 +29,7 @@ dest: "{{ gateway_client_pki_cert_dest }}" owner: "{{ gateway_client_user }}" group: "{{ gateway_client_user }}" - mode: '0440' + mode: "0440" when: - gateway_client_pki_cert_src is defined - gateway_client_pki_cert_src is not none @@ -40,7 +40,7 @@ dest: "{{ gateway_client_pki_key_dest }}" owner: "{{ gateway_client_user }}" group: "{{ gateway_client_group }}" - mode: '0400' + mode: "0400" when: - gateway_client_pki_key_src is defined - gateway_client_pki_key_src is not none diff --git a/roles/gateway_client/tasks/validate-vars.yml b/roles/gateway_client/tasks/validate-vars.yml new file mode 100644 index 0000000..8d0383c --- /dev/null +++ b/roles/gateway_client/tasks/validate-vars.yml 
@@ -0,0 +1,44 @@ +# Copyright (c) 2025, Itential, Inc +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Validate Gateway variables + tags: always + block: + - name: Validate gateway_client_packages is set + ansible.builtin.assert: + that: + - gateway_client_packages is defined + - gateway_client_packages is iterable + - gateway_client_packages | length > 0 + fail_msg: gateway_client_packages must be defined + + - name: Validate gateway_secrets_encrypt_key is correctly formatted + ansible.builtin.assert: + that: + - gateway_secrets_encrypt_key is match('^[0-9a-fA-F]+$') + - gateway_secrets_encrypt_key | length == 64 + fail_msg: gateway_secrets_encrypt_key must be a 64 character hexadecimal string + + - name: Validate variables when uploading is configured on + when: gateway_pki_upload | bool + block: + - name: Validate gateway_pki_src_dir variable is set + ansible.builtin.assert: + that: + - gateway_pki_src_dir is defined + - gateway_pki_src_dir is not none + fail_msg: gateway_pki_src_dir must be defined when gateway_pki_upload is set to 'true' + + - name: Stat gateway_pki_src_dir directory + ansible.builtin.stat: + path: "{{ gateway_pki_src_dir }}" + register: gateway_client_pki_dir_stat_result + delegate_to: localhost + become: false + + - name: Validate gateway_pki_src_dir exists + ansible.builtin.assert: + that: gateway_client_pki_dir_stat_result.stat.exists + fail_msg: + - "Local pki directory {{ gateway_pki_src_dir }} does not exist" + - "Set gateway_pki_src_dir to a valid directory" diff --git a/roles/gateway_server/defaults/main/application.yml b/roles/gateway_server/defaults/main/application.yml deleted file mode 100644 index 0dbeb3d..0000000 --- a/roles/gateway_server/defaults/main/application.yml +++ /dev/null 
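Review bot: `gateway_client_packages is iterable` also accepts a plain string, since strings are iterable in Jinja, so an inventory that sets a single tarball URL as a scalar passes this assert and whatever loops over the variable downstream iterates per character; add `- gateway_client_packages is not string`. The last assert checks `.stat.exists` only, so a regular file at the `gateway_pki_src_dir` path passes validation; `that: gateway_client_pki_dir_stat_result.stat.isdir` is the check the fail_msg actually describes. `gateway_client_host`, which this commit moves to defaults/main/server.yml with a null default, is not validated here although the client presumably cannot connect without it; an `is not none` assert next to the packages check would catch that before install.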
@@ -1,8 +0,0 @@ -# Copyright (c) 2025, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -############################### -# Gateway application variables -############################### - -# TODO - Remove? diff --git a/roles/gateway_server/defaults/main/connect.yml b/roles/gateway_server/defaults/main/connect.yml index f79a784..197fdfa 100644 --- a/roles/gateway_server/defaults/main/connect.yml +++ b/roles/gateway_server/defaults/main/connect.yml @@ -7,6 +7,10 @@ gateway_server_connect_enabled: true +# The gateway_server_connect_hosts must be set in the inventory if gateway_server_connect_enabled +# is set to 'true'. +gateway_server_connect_hosts: + gateway_server_connect_server_ha_enabled: false gateway_server_connect_server_ha_is_primary: false diff --git a/roles/gateway_server/defaults/main/store.yml b/roles/gateway_server/defaults/main/store.yml index dc02c8f..5352110 100644 --- a/roles/gateway_server/defaults/main/store.yml +++ b/roles/gateway_server/defaults/main/store.yml @@ -12,10 +12,9 @@ gateway_server_store_backend: local gateway_server_store_etcd_hosts: localhost:2379 gateway_server_store_etcd_use_tls: true gateway_server_store_etcd_client_cert_auth: true -# TODO - Remove? -# gateway_server_store_etcd_ca_certificate_filename: "{{ gateway_server_pki_ca_cert_dest }}" -# gateway_server_store_etcd_certificate_filename: "{{ gateway_server_pki_cert_dest }}" -# gateway_server_store_etcd_private_key_filename: "{{ gateway_server_pki_key_dest }}" +gateway_server_store_etcd_ca_certificate_filename: "{{ gateway_server_pki_ca_cert_dest }}" +gateway_server_store_etcd_certificate_filename: "{{ gateway_server_pki_cert_dest }}" +gateway_server_store_etcd_private_key_filename: "{{ gateway_server_pki_key_dest }}" # Gateway DynamoDB variables gateway_server_store_dynamodb_table_name: itential.gateway5.store 
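Review bot: `gateway_server_connect_hosts` gets a null default here with a comment that it must be set whenever `gateway_server_connect_enabled` is true, but that flag defaults to true on the context line just above and the server role's validate-vars.yml, extended in this same commit, never asserts it, so a missing value presumably reaches the rendered config as an empty string. Add to roles/gateway_server/tasks/validate-vars.yml an assert with `when: gateway_server_connect_enabled | bool`, `that: - gateway_server_connect_hosts is defined - gateway_server_connect_hosts is not none`, and a `fail_msg` mirroring this comment.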
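Review bot: The three `gateway_server_store_etcd_*_filename` defaults now point at the PKI upload destinations and are rendered into runner.conf/server.conf whenever `etcd_use_tls` and `etcd_client_cert_auth` are true, which they are by default, yet nothing in this commit checks those files will exist: the upload tasks run only when the matching `*_src` variable is set, and `gateway_pki_upload` can be turned off. When `gateway_server_store_backend == 'etcd'`, a `stat`/assert on the three paths in validate-vars.yml, or at minimum a comment on these defaults saying the operator must place the files there when not uploading, would surface the problem at deploy time instead of at first etcd connection; how the service behaves with a missing CA file is not visible here, so treat that as an assumption.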
diff --git a/roles/gateway_server/tasks/install_gateway.yml b/roles/gateway_server/tasks/install_gateway.yml index 47c9f74..827946c 100644 --- a/roles/gateway_server/tasks/install_gateway.yml +++ b/roles/gateway_server/tasks/install_gateway.yml @@ -28,14 +28,14 @@ - name: Create a temporary download directory ansible.builtin.tempfile: state: directory - register: downloaddir + register: gateway_server_download_dir changed_when: false - name: Download the gateway packages from repository ansible.builtin.get_url: url: "{{ item }}" - dest: "{{ downloaddir.path }}/" - mode: '0755' + dest: "{{ gateway_server_download_dir.path }}/" + mode: "0755" # Sets the appropriate header based on the repository type: # - For JFrog: Uses the "X-JFrog-Art-Api" header with the API key if "repository_api_key" # is defined and "jfrog" is part of the download URL. @@ -58,13 +58,13 @@ when: - "'http' in item" - item.endswith('.rpm') - register: download_result + register: gateway_server_download_result changed_when: false - name: Propagate the gateway packages from the control node ansible.builtin.copy: src: "{{ item }}" - dest: "{{ downloaddir.path }}/{{ item }}" + dest: "{{ gateway_server_download_dir.path }}/{{ item }}" owner: "{{ gateway_server_user }}" group: "{{ gateway_server_group }}" mode: "0775" @@ -77,7 +77,7 @@ - name: Find the gateway packages ansible.builtin.find: - paths: "{{ downloaddir.path }}" + paths: "{{ gateway_server_download_dir.path }}" patterns: "*.rpm" register: gateway_server_packages changed_when: false @@ -91,6 +91,6 @@ - name: Remove the temporary download directory ansible.builtin.file: - path: "{{ downloaddir.path }}" + path: "{{ gateway_server_download_dir.path }}" state: absent changed_when: false diff --git a/roles/gateway_server/tasks/install_tofu.yml b/roles/gateway_server/tasks/install_tofu.yml index 99a2495..7a412b8 100644 --- a/roles/gateway_server/tasks/install_tofu.yml +++ b/roles/gateway_server/tasks/install_tofu.yml 
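Review bot: The lint-driven renames to `gateway_server_download_dir` and `gateway_server_download_result` leave the `find` task in the third hunk still using `register: gateway_server_packages`, which overwrites the inventory-supplied list of package sources with the find result dict for the rest of the play on that host. Rename it, e.g. `register: gateway_server_found_packages`, and update whatever consumes the result below this hunk. Separately, the downloaded and copied RPMs get `mode: "0755"` and `"0775"`; the installer only needs to read them, so `"0644"` avoids leaving a group-writable package in the temp directory between download and install.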
@@ -7,7 +7,7 @@ dest: /etc/yum.repos.d/ owner: root group: root - mode: '0644' + mode: "0644" - name: Install OpenTofu packages ansible.builtin.dnf: diff --git a/roles/gateway_server/tasks/main.yml b/roles/gateway_server/tasks/main.yml index f73ada3..24a18ec 100644 --- a/roles/gateway_server/tasks/main.yml +++ b/roles/gateway_server/tasks/main.yml @@ -80,5 +80,5 @@ - name: Validate Gateway is running ansible.builtin.systemd: name: iagctl - register: iagctl_status - failed_when: iagctl_status.status.ActiveState != 'active' + register: gateway_server_iagctl_status + failed_when: gateway_server_iagctl_status.status.ActiveState != 'active' diff --git a/roles/gateway_server/tasks/upload_certs.yml b/roles/gateway_server/tasks/upload_certs.yml index 9c0458b..41f2cd7 100644 --- a/roles/gateway_server/tasks/upload_certs.yml +++ b/roles/gateway_server/tasks/upload_certs.yml @@ -18,7 +18,7 @@ dest: "{{ gateway_server_pki_ca_cert_dest }}" owner: "{{ gateway_server_user }}" group: "{{ gateway_server_group }}" - mode: '0444' + mode: "0444" when: - gateway_server_pki_cert_src is defined - gateway_server_pki_cert_src is not none @@ -29,7 +29,7 @@ dest: "{{ gateway_server_pki_cert_dest }}" owner: "{{ gateway_server_user }}" group: "{{ gateway_server_group }}" - mode: '0644' + mode: "0644" when: - gateway_server_pki_cert_src is defined - gateway_server_pki_cert_src is not none @@ -40,7 +40,7 @@ dest: "{{ gateway_server_pki_key_dest }}" owner: "{{ gateway_server_user }}" group: "{{ gateway_server_group }}" - mode: '0400' + mode: "0400" when: - gateway_server_pki_key_src is defined - gateway_server_pki_key_src is not none @@ -57,7 +57,7 @@ dest: "{{ gateway_server_pki_dir }}/{{ gateway_server_connect_certificate_filename }}" owner: "{{ gateway_server_user }}" group: "{{ gateway_server_group }}" - mode: '0644' + mode: "0644" when: - gateway_server_connect_local_certificate_filename is defined - gateway_server_connect_local_certificate_filename is not none 
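Review bot: The CA certificate task in the first upload_certs.yml hunk (dest `gateway_server_pki_ca_cert_dest`) is gated on `gateway_server_pki_cert_src is defined` / `is not none`, the leaf-cert variable, whereas the client role's equivalent task gates on `gateway_client_pki_ca_cert_src`; so the CA bundle is deployed only when the server certificate source happens to be set. If this task's `src` (above the hunk, not visible) is a `gateway_server_pki_ca_cert_src` variable, the two `when` lines should read `- gateway_server_pki_ca_cert_src is defined` and `- gateway_server_pki_ca_cert_src is not none`. With the etcd TLS defaults enabled in this commit pointing `etcd_ca_certificate_file` at that destination, a skipped CA upload would only show up when the server first talks to etcd.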
@@ -68,7 +68,7 @@ dest: "{{ gateway_server_pki_dir }}/{{ gateway_server_connect_private_key_filename }}" owner: "{{ gateway_server_user }}" group: "{{ gateway_server_group }}" - mode: '0400' + mode: "0400" when: - gateway_server_connect_local_private_key_filename is defined - gateway_server_connect_local_private_key_filename is not none diff --git a/roles/gateway_server/tasks/validate-vars.yml b/roles/gateway_server/tasks/validate-vars.yml index 7551267..a35a4cc 100644 --- a/roles/gateway_server/tasks/validate-vars.yml +++ b/roles/gateway_server/tasks/validate-vars.yml @@ -4,6 +4,21 @@ - name: Validate Gateway variables tags: always block: + - name: Validate gateway_server_packages is set + ansible.builtin.assert: + that: + - gateway_server_packages is defined + - gateway_server_packages is iterable + - gateway_server_packages | length > 0 + fail_msg: gateway_server_packages must be defined + + - name: Validate gateway_secrets_encrypt_key is correctly formatted + ansible.builtin.assert: + that: + - gateway_secrets_encrypt_key is match('^[0-9a-fA-F]+$') + - gateway_secrets_encrypt_key | length == 64 + fail_msg: gateway_secrets_encrypt_key must be a 64 character hexadecimal string + - name: Validate variables when uploading is configured on when: gateway_pki_upload | bool block: 
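Review bot: Same gap as the client role: `gateway_server_packages is iterable` passes when the inventory supplies a single URL as a scalar string, and the install loop then iterates over its characters; add `- gateway_server_packages is not string` before the length check. The two key assertions can be the single requirement the fail_msg states, `- gateway_secrets_encrypt_key is match('^[0-9a-fA-F]{64}$')`. This block continues in the next hunk.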
@@ -14,14 +29,16 @@ - gateway_pki_src_dir is not none fail_msg: gateway_pki_src_dir must be defined when gateway_pki_upload is set to 'true' - - name: Stat the local pki directory + - name: Stat gateway_pki_src_dir directory ansible.builtin.stat: path: "{{ gateway_pki_src_dir }}" - register: stat_result + register: gateway_server_pki_dir_stat_result delegate_to: localhost become: false - - name: Validate local pki directory exists + - name: Validate gateway_pki_src_dir exists ansible.builtin.assert: - that: stat_result.stat.exists - fail_msg: Local pki directory does not exist + that: gateway_server_pki_dir_stat_result.stat.exists + fail_msg: + - "Local pki directory {{ gateway_pki_src_dir }} does not exist" + - "Set gateway_pki_src_dir to a valid directory" diff --git a/roles/gateway_server/templates/runner.conf.j2 b/roles/gateway_server/templates/runner.conf.j2 index b7cd3a4..3a3c3f0 100644 --- a/roles/gateway_server/templates/runner.conf.j2 +++ b/roles/gateway_server/templates/runner.conf.j2 @@ -41,11 +41,11 @@ etcd_hosts = '{{ gateway_server_store_etcd_hosts }}' etcd_use_tls = {{ gateway_server_store_etcd_use_tls | to_json }} etcd_client_cert_auth = {{ gateway_server_store_etcd_client_cert_auth | to_json }} {% if gateway_server_store_etcd_use_tls | bool %} -etcd_ca_certificate_file = '{{ gateway_server_pki_ca_cert_dest }}' +etcd_ca_certificate_file = '{{ gateway_server_store_etcd_ca_certificate_filename }}' {% endif %} {% if gateway_server_store_etcd_client_cert_auth | bool %} -etcd_certificate_file = '{{ gateway_server_pki_cert_dest }}' -etcd_private_key_file = '{{ gateway_server_pki_key_dest }}' +etcd_certificate_file = '{{ gateway_server_store_etcd_certificate_filename }}' +etcd_private_key_file = '{{ gateway_server_store_etcd_private_key_filename }}' {% endif %} {% endif %} diff --git a/roles/gateway_server/templates/server.conf.j2 b/roles/gateway_server/templates/server.conf.j2 index 9ee7576..f4396ff 100644 
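Review bot: `Validate gateway_pki_src_dir exists` asserts only `stat.exists`, so a regular file at that path passes validation and the failure is deferred to the later copy tasks that expect a directory. Since the variable is documented as a directory, also assert `- gateway_server_pki_dir_stat_result.stat.isdir` and add a matching fail_msg line such as `"{{ gateway_pki_src_dir }} is not a directory"`. Delegating the stat to localhost with `become: false` is the right way to check a controller-side path. The enclosing `Validate variables when uploading is configured on` block starts before this hunk.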
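Review bot: The etcd TLS lines in runner.conf.j2 now reference `gateway_server_store_etcd_ca_certificate_filename`, `..._certificate_filename` and `..._private_key_filename` instead of the `gateway_server_pki_*_dest` paths, but nothing visible in this patch installs files at those new paths or sets the private key's mode, whereas upload_certs.yml deploys the old paths with the key at `0400`. If the new defaults in store.yml simply point back at the same files this is only a rename; otherwise the role needs a copy task for the etcd client key (mode `0400`, owned by `gateway_server_user`) and a validate-vars assertion that the files exist whenever `gateway_server_store_etcd_client_cert_auth` is true. The `_filename` suffix also reads as a bare name while these config keys take a file path, so a comment in store.yml stating that the values are absolute paths on the target would help. server.conf.j2 receives the identical change.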
--- a/roles/gateway_server/templates/server.conf.j2 +++ b/roles/gateway_server/templates/server.conf.j2 @@ -53,11 +53,11 @@ etcd_hosts = '{{ gateway_server_store_etcd_hosts }}' etcd_use_tls = {{ gateway_server_store_etcd_use_tls | to_json }} etcd_client_cert_auth = {{ gateway_server_store_etcd_client_cert_auth | to_json }} {% if gateway_server_store_etcd_use_tls | bool %} -etcd_ca_certificate_file = '{{ gateway_server_pki_ca_cert_dest }}' +etcd_ca_certificate_file = '{{ gateway_server_store_etcd_ca_certificate_filename }}' {% endif %} {% if gateway_server_store_etcd_client_cert_auth | bool %} -etcd_certificate_file = '{{ gateway_server_pki_cert_dest }}' -etcd_private_key_file = '{{ gateway_server_pki_key_dest }}' +etcd_certificate_file = '{{ gateway_server_store_etcd_certificate_filename }}' +etcd_private_key_file = '{{ gateway_server_store_etcd_private_key_filename }}' {% endif %} {% endif %} From 7f1bb6f4c7e393da3d9811a1c449c906d0917101 Mon Sep 17 00:00:00 2001 From: Kevin Velarde Date: Fri, 17 Oct 2025 21:57:31 -0600 Subject: [PATCH 2/2] Change gateway_server_cluster_id to gateway_cluster_id Update example inventories --- .gitignore | 1 + README.md | 290 +++++++++--------- docs/reference_guide.md | 6 +- example_inventories/aio_asa_ha.yml | 2 +- example_inventories/aio_single_node.yaml | 2 +- ...buted_service_excution_single_cluster.yaml | 2 +- .../ha_distributed_execution.yaml | 2 +- example_inventories/multiple_cluster.yaml | 36 ++- roles/gateway/defaults/main.yml | 13 +- .../gateway_client/templates/gateway.conf.j2 | 1 + roles/gateway_server/defaults/main/common.yml | 3 - roles/gateway_server/templates/runner.conf.j2 | 2 +- roles/gateway_server/templates/server.conf.j2 | 2 +- 13 files changed, 183 insertions(+), 179 deletions(-) diff --git a/.gitignore b/.gitignore index dc71d9a..d9b7130 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +.ansible .DS_Store **.DS_Store **/ansible.cfg diff --git a/README.md b/README.md index a460562..d2b6c84 100644 
--- a/README.md +++ b/README.md @@ -486,21 +486,21 @@ all: children: iag5_servers: hosts: - : - ansible_host: + server: + ansible_host: vars: + gateway_server_connect_hosts: :8080 gateway_server_packages: - - gateway_server_connect_hosts: :8080 iag5_clients: hosts: - : - ansible_host: + client: + ansible_host: + gateway_client_host: vars: gateway_client_packages: - - gateway_client_host: ``` ### All-in-one Active/Standby High Availability Inventory @@ -510,7 +510,7 @@ all: vars: ansible_user: - # Nexus + # Itential Nexus repository repository_username: repository_password: @@ -520,27 +520,24 @@ all: children: iag5_servers: hosts: - : - ansible_host: - : - ansible_host: + active-server: + ansible_host: + standby-server: + ansible_host: vars: gateway_server_packages: - - - # Etcd gateway_server_store_backend: etcd - gateway_server_store_etcd_hosts: :2379 :2379 :2379 - gateway_server_connect_hosts: :8080 + gateway_server_store_etcd_hosts: :2379 :2379 :2379 iag5_clients: hosts: - : - ansible_host: + client: + ansible_host: + gateway_client_host: vars: gateway_client_packages: - - gateway_client_host: ``` ### Distributed Service Execution with Single Cluster Inventory @@ -550,7 +547,7 @@ all: vars: ansible_user: rocky - # Nexus + # Itential Nexus repository repository_username: repository_password: 
@@ -558,46 +555,43 @@ all: gateway_pki_src_dir: children: - gateway_servers: - children: - iag5_servers: - iag5_runners: - vars: - gateway_packages: - - - - # DynamoDB - gateway_store_backend: dynamodb - gateway_store_dynamodb_table_name: - gateway_store_dynamodb_aws_access_key_id: - gateway_store_dynamodb_aws_secret_access_key: - gateway_store_dynamodb_aws_session_token: - iag5_servers: hosts: - : - ansible_host: + server: + ansible_host: + + iag5_runners: + hosts: + runner1: + ansible_host: + runner2: + ansible_host: + runner3: + ansible_host: vars: gateway_server_connect_hosts: :8080 gateway_server_distributed_execution: true - iag5_runners: + servers_runners: hosts: - : - ansible_host: - : - ansible_host: - : - ansible_host: + server: + runner1: + runner2: + runner3: + vars: + gateway_server_packages: + - + gateway_server_store_backend: etcd + gateway_server_store_etcd_hosts: :2379 :2379 :2379 iag5_clients: hosts: - : - ansible_host: + client: + ansible_host: + gateway_client_host: vars: gateway_client_packages: - - gateway_client_host: ``` ### High Availability with Distributed Execution Inventory @@ -605,9 +599,9 @@ all: ```yaml all: vars: - ansible_user: + ansible_user: rocky - # Nexus + # Itential Nexus repository repository_username: repository_password: 
@@ -615,58 +609,59 @@ all: gateway_pki_src_dir: children: - gateway_servers: - children: - iag5_servers: - iag5_runners: - vars: - gateway_server_packages: - - - - # Etcd - gateway_server_store_backend: etcd - gateway_server_store_etcd_hosts: :2379 :2379 :2379 - gateway_server_connect_hosts: :8080 - iag5_servers: hosts: - : - ansible_host: - : - ansible_host: + active-server: + ansible_host: + standby-server: + ansible_host: + + iag5_runners: + hosts: + runner1: + ansible_host: + runner2: + ansible_host: + runner3: + ansible_host: vars: + gateway_server_connect_hosts: :8080 gateway_server_distributed_execution: true - iag5_runners: + servers_runners: hosts: - : - ansible_host: - : - ansible_host: - : - ansible_host: + active-server: + standby-server: + runner1: + runner2: + runner3: + vars: + gateway_server_packages: + - + gateway_server_store_backend: etcd + gateway_server_store_etcd_hosts: :2379 :2379 :2379 iag5_clients: hosts: - : - ansible_host: + client: + ansible_host: + gateway_client_host: vars: gateway_client_packages: - - gateway_client_host: ``` ### Multiple Cluster Architecture Inventories Cluster 1: -Note - `gateway_server_cluster_id` is set to `cluster_1` in the `iag5_servers` vars section. +Note - `gateway_cluster_id` is set to `cluster_1` in the `iag5_servers` vars section. ```yaml all: vars: ansible_user: rocky - # Nexus + # Itential Nexus repository repository_username: repository_password: 
@@ -674,104 +669,93 @@ all: gateway_pki_src_dir: children: - gateway_servers: - children: - iag5_servers: - iag5_runners: - vars: - gateway_packages: - - - gateway_secrets_encrypt_key: - - # Etcd - gateway_server_store_backend: etcd - gateway_server_store_etcd_hosts: :2379 :2379 :2379 - gateway_server_connect_hosts: :8080 - iag5_servers: hosts: - : - ansible_host: + cluster1_server: + ansible_host: + cluster2_server: + ansible_host: vars: - gateway_server_cluster_id: cluster_1 gateway_server_connect_hosts: :8080 gateway_server_distributed_execution: true iag5_runners: hosts: - : - ansible_host: - : - ansible_host: - : - ansible_host: - - iag5_clients: + cluster1_runner1: + ansible_host: + cluster1_runner2: + ansible_host: + cluster1_runner3: + ansible_host: + cluster2_runner1: + ansible_host: + cluster2_runner2: + ansible_host: + cluster2_runner3: + ansible_host: + + iag5_servers_runners: hosts: - : - ansible_host: + cluster1_server: + cluster1_runner1: + cluster1_runner2: + cluster1_runner3: + cluster2_server: + cluster2_runner1: + cluster2_runner2: + cluster2_runner3: vars: - gateway_client_packages: - - - gateway_client_host: -``` - -Cluster 2: -Note - `gateway_server_cluster_id` is set to `cluster_2` in the `iag5_servers` vars section. 
- -```yaml -all: - vars: - ansible_user: rocky - - # Nexus - repository_username: - repository_password: - - gateway_secrets_encrypt_key: - gateway_pki_src_dir: + gateway_server_packages: + - + gateway_server_store_backend: etcd - children: - gateway_servers: - children: - iag5_servers: - iag5_runners: + cluster1_iag5_all: + hosts: + cluster1_client: + cluster1_server: + cluster1_runner1: + cluster1_runner2: + cluster1_runner3: vars: - gateway_packages: - - - gateway_secrets_encrypt_key: + gateway_cluster_id: cluster_1 - # DynamoDB - gateway_store_backend: dynamodb - gateway_store_dynamodb_table_name: - gateway_store_dynamodb_aws_access_key_id: - gateway_store_dynamodb_aws_secret_access_key: - gateway_store_dynamodb_aws_session_token: + cluster1_iag5_servers_runners: + hosts: + cluster1_server: + cluster1_runner1: + cluster1_runner2: + cluster1_runner3: + vars: + gateway_server_store_etcd_hosts: :2379 :2379 :2379 - iag5_servers: + cluster2_iag5_all: hosts: - : - ansible_host: + cluster2_client: + cluster2_server: + cluster2_runner1: + cluster2_runner2: + cluster2_runner3: vars: - gateway_server_cluster_id: cluster_2 - gateway_server_connect_hosts: :8080 - gateway_server_distributed_execution: true + gateway_cluster_id: cluster_2 - iag5_runners: + cluster2_iag5_servers_runners: hosts: - : - ansible_host: - : - ansible_host: - : - ansible_host: + cluster2_server: + cluster2_runner1: + cluster2_runner2: + cluster2_runner3: + vars: + gateway_server_store_etcd_hosts: :2379 :2379 :2379 iag5_clients: hosts: - : - ansible_host: + cluster1_client: + ansible_host: + gateway_client_host: + cluster2_client: + ansible_host: + gateway_client_host: vars: - gateway_client_host: gateway_client_packages: - ``` diff --git a/docs/reference_guide.md b/docs/reference_guide.md index 68d0690..45fc8f9 100644 --- a/docs/reference_guide.md +++ b/docs/reference_guide.md 
@@ -7,8 +7,7 @@ overridden in the `iag5_clients`, `iag5_servers` or `iag_runners` group vars. | Variable | Type | Description | Default Value | | :------- | :--- | :---------- | :------------ | -| `repository_username` | String | The username for authenticating to the Itential Nexus repository. | N/A | -| `repository_password` | String | The password for authenticating to the Itential Nexus repository. | N/A | +| `gateway_cluster_id` | String | The IAG5 cluster ID. | cluster_1 | | `gateway_pki_upload` | Boolean | Flag for enabling/disabling upload of PKI certificates and keys. | true | | `gateway_pki_key_suffix` | String | The default PKI key suffix. | .key | | `gateway_pki_cert_suffix` | String | The default PKI certificate suffix. | .crt | @@ -16,6 +15,8 @@ overridden in the `iag5_clients`, `iag5_servers` or `iag_runners` group vars. | `gateway_secrets_encrypt_key` | String | The secrets encrypt key. | N/A (must be defined in inventory) | | `gateway_secrets_encrypt_key_dir` | String | The directory where the secrets encrypt key is stored. | "{{ gateway_client_working_dir }}/keys" (clients)
"{{ gateway_server_config_dir }}/keys" (servers/runners) | | `gateway_secrets_encrypt_key_file` | String | The path to the secrets encrypt key. | "{{ gateway_secrets_encrypt_key_dir }}/encryption-key" | +| `repository_username` | String | The username for authenticating to the Itential Nexus repository. | N/A | +| `repository_password` | String | The password for authenticating to the Itential Nexus repository. | N/A | ## Client Variables @@ -55,7 +56,6 @@ the `iag5_servers` or `iag_runners` group vars. | Variable | Type | Description | Default Value | | :------- | :--- | :---------- | :------------ | | `gateway_server_packages` | List of Strings | The gateway server packages to install | N/A (must be defined in inventory) | -| `gateway_server_cluster_id` | String | The IAG5 cluster ID. | cluster_1 | | `gateway_server_listen_address` | String | The server listen address. | 0.0.0.0 | | `gateway_server_port` | Integer | The server listen port. | 50051 | | `gateway_server_requirements_file` | String | | requirements.txt | diff --git a/example_inventories/aio_asa_ha.yml b/example_inventories/aio_asa_ha.yml index 03adb4d..a04f51c 100644 --- a/example_inventories/aio_asa_ha.yml +++ b/example_inventories/aio_asa_ha.yml @@ -17,7 +17,7 @@ all: standby-server: ansible_host: vars: - gateway_packages: + gateway_server_packages: - gateway_server_store_backend: etcd gateway_server_store_etcd_hosts: :2379 :2379 :2379 diff --git a/example_inventories/aio_single_node.yaml b/example_inventories/aio_single_node.yaml index 078066e..5291ba7 100644 --- a/example_inventories/aio_single_node.yaml +++ b/example_inventories/aio_single_node.yaml @@ -16,7 +16,7 @@ all: ansible_host: vars: gateway_server_connect_hosts: :8080 - gateway_packages: + gateway_server_packages: - iag5_clients: diff --git a/example_inventories/distributed_service_excution_single_cluster.yaml b/example_inventories/distributed_service_excution_single_cluster.yaml index 16be111..9b243d3 100644 
--- a/example_inventories/distributed_service_excution_single_cluster.yaml +++ b/example_inventories/distributed_service_excution_single_cluster.yaml @@ -34,7 +34,7 @@ all: runner2: runner3: vars: - gateway_packages: + gateway_server_packages: - gateway_server_store_backend: etcd gateway_server_store_etcd_hosts: :2379 :2379 :2379 diff --git a/example_inventories/ha_distributed_execution.yaml b/example_inventories/ha_distributed_execution.yaml index b9d829b..31202ad 100644 --- a/example_inventories/ha_distributed_execution.yaml +++ b/example_inventories/ha_distributed_execution.yaml @@ -37,7 +37,7 @@ all: runner2: runner3: vars: - gateway_packages: + gateway_server_packages: - gateway_server_store_backend: etcd gateway_server_store_etcd_hosts: :2379 :2379 :2379 diff --git a/example_inventories/multiple_cluster.yaml b/example_inventories/multiple_cluster.yaml index e7f417c..6a33f70 100644 --- a/example_inventories/multiple_cluster.yaml +++ b/example_inventories/multiple_cluster.yaml @@ -16,6 +16,9 @@ all: ansible_host: cluster2_server: ansible_host: + vars: + gateway_server_connect_hosts: :8080 + gateway_server_distributed_execution: true iag5_runners: hosts: @@ -31,11 +34,8 @@ all: ansible_host: cluster2_runner3: ansible_host: - vars: - gateway_server_connect_hosts: :8080 - gateway_server_distributed_execution: true - servers_runners: + iag5_servers_runners: hosts: cluster1_server: cluster1_runner1: 
@@ -46,28 +46,46 @@ all: cluster2_runner2: cluster2_runner3: vars: - gateway_packages: + gateway_server_packages: - gateway_server_store_backend: etcd - cluster1: + cluster1_iag5_all: + hosts: + cluster1_client: + cluster1_server: + cluster1_runner1: + cluster1_runner2: + cluster1_runner3: + vars: + gateway_cluster_id: cluster_1 + + cluster1_iag5_servers_runners: hosts: cluster1_server: cluster1_runner1: cluster1_runner2: cluster1_runner3: vars: - cluster_id: cluster_1 gateway_server_store_etcd_hosts: :2379 :2379 :2379 - cluster2: + cluster2_iag5_all: + hosts: + cluster2_client: + cluster2_server: + cluster2_runner1: + cluster2_runner2: + cluster2_runner3: + vars: + gateway_cluster_id: cluster_2 + + cluster2_iag5_servers_runners: hosts: cluster2_server: cluster2_runner1: cluster2_runner2: cluster2_runner3: vars: - cluster_id: cluster_2 gateway_server_store_etcd_hosts: :2379 :2379 :2379 iag5_clients: diff --git a/roles/gateway/defaults/main.yml b/roles/gateway/defaults/main.yml index fcdca0d..3cb1105 100644 --- a/roles/gateway/defaults/main.yml +++ b/roles/gateway/defaults/main.yml @@ -5,11 +5,8 @@ # Gateway common variables ########################## -# Artifact repository credentials -# Must be defined in the inventory when downloading Gateway artifacts from the Itential -# Nexus repository. -repository_username: # noqa var-naming[no-role-prefix] -repository_password: # noqa var-naming[no-role-prefix] +# Gateway cluster ID +gateway_cluster_id: cluster_1 # Gateway TLS gateway_pki_upload: true 
@@ -22,3 +19,9 @@ gateway_pki_src_dir: # The gateway_secrets_encrypt_key must be defined in the inventory. gateway_secrets_encrypt_key: gateway_secrets_encrypt_key_file: "{{ gateway_secrets_encrypt_key_dir }}/encryption-key" + +# Artifact repository credentials +# Must be defined in the inventory when downloading Gateway artifacts from the Itential +# Nexus repository. +repository_username: # noqa var-naming[no-role-prefix] +repository_password: # noqa var-naming[no-role-prefix] diff --git a/roles/gateway_client/templates/gateway.conf.j2 b/roles/gateway_client/templates/gateway.conf.j2 index 75eb362..5012006 100644 --- a/roles/gateway_client/templates/gateway.conf.j2 +++ b/roles/gateway_client/templates/gateway.conf.j2 @@ -1,5 +1,6 @@ [application] mode = {{ gateway_application_mode }} +cluster_id = '{{ gateway_cluster_id }}' working_dir = {{ gateway_client_working_dir }} ca_certificate_file = {{ gateway_client_pki_ca_cert_dest }} diff --git a/roles/gateway_server/defaults/main/common.yml b/roles/gateway_server/defaults/main/common.yml index 844752f..ddfcb01 100644 --- a/roles/gateway_server/defaults/main/common.yml +++ b/roles/gateway_server/defaults/main/common.yml @@ -5,9 +5,6 @@ # Gateway common server and runner variables ############################################ -# Gateway server cluster ID -gateway_server_cluster_id: cluster_1 - # Gateway listen address and port gateway_server_listen_address: 0.0.0.0 gateway_server_port: 50051 diff --git a/roles/gateway_server/templates/runner.conf.j2 b/roles/gateway_server/templates/runner.conf.j2 index 3a3c3f0..edf2fe5 100644 --- a/roles/gateway_server/templates/runner.conf.j2 +++ b/roles/gateway_server/templates/runner.conf.j2 @@ -1,6 +1,6 @@ [application] mode = '{{ gateway_application_mode }}' -cluster_id = '{{ gateway_server_cluster_id }}' +cluster_id = '{{ gateway_cluster_id }}' working_dir = '{{ gateway_server_data_dir }}' ca_certificate_file = '{{ gateway_server_pki_ca_cert_dest }}' 
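Review bot: `gateway_secrets_encrypt_key`, `repository_username` and `repository_password` are secrets whose comments say only that they must be defined in the inventory, which in the example inventories means plaintext YAML alongside hostnames. Add a comment above each stating how to keep them out of the repository, e.g. `# Secret: supply via ansible-vault or --extra-vars from a secret store; do not commit in plaintext.`, and note that tasks consuming them should set `no_log: true`. The `gateway_secrets_encrypt_key` comment could also state the expected format (64 hexadecimal characters, as validate-vars.yml enforces) and how to generate it, e.g. `openssl rand -hex 32`, so operators do not hand-type a weak value.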
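Review bot: The added `cluster_id = '{{ gateway_cluster_id }}'` in gateway.conf.j2 is single-quoted while the neighbouring `mode` and `working_dir` values in the same template are rendered bare, whereas runner.conf.j2 and server.conf.j2 quote every string value. Pick one convention per template: if the config parser treats unquoted values as strings the quotes are harmless noise, and if it requires quoting (the `to_json` booleans in the server templates suggest a TOML-like format) then the bare neighbours are the latent problem and this line is the correct form. A one-line comment at the top of the template stating the quoting rule would stop the drift.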
diff --git a/roles/gateway_server/templates/server.conf.j2 b/roles/gateway_server/templates/server.conf.j2 index f4396ff..83a2af1 100644 --- a/roles/gateway_server/templates/server.conf.j2 +++ b/roles/gateway_server/templates/server.conf.j2 @@ -1,6 +1,6 @@ [application] mode = '{{ gateway_application_mode }}' -cluster_id = '{{ gateway_server_cluster_id }}' +cluster_id = '{{ gateway_cluster_id }}' working_dir = '{{ gateway_server_data_dir }}' ca_certificate_file = '{{ gateway_server_pki_ca_cert_dest }}'